This page aggregates publicly disclosed CVE and security risk information related to philex, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2007-1698 | download.php in Philex 0.2.3 and earlier allows remote attackers to read arbitrary files and source code, and obtain sensitive information via the file parameter. | [email protected] | 5.0 | 6.09% | 2007-03-27 | 2026-04-23 |
| CVE-2007-1697 | PHP remote file inclusion vulnerability in header.inc.php in Philex 0.2.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the CssFile parameter. | [email protected] | 10.0 | 82.10% | 2007-03-27 | 2026-04-23 |